Menu

Exploring software development on the cloud

Tag Archives: VPN

My company operates QuickSchools.com, and with it we’re trying hard to break into the US market. Our servers are located in Seattle. But accessing and managing those servers from Malaysia is an absolute nightmare, due to the dismal performance of Streamyx broadband when we try to access sites in the US. Go ahead, try to access our QuickSchools.com website. If you’re on Streamyx, you’ll see how frustratingly slow it is. (Thankfully, the site is blazingly fast when accessed from the US.)

My company would not mind paying for a higher grade of Streamyx, but I have no confidence this would solve our problem. The issue seems to be with the international links that Streamyx uses, and not my last mile connection.

Happily, we’ve figured out a working solution which allows us to connect to US sites with a more consistent, and faster connection. I’m seeing download speeds increase by 10 times. How about that eh!

I developed the solution based on a hunch. The local streamyx network itself is not a major problem. Connection to other ISPs in Malaysia and to Singapore is just fine. However, I guessed that Singapore’s link to the US would be much faster.

So I rented a virtual private server (VPS) in Singapore (gplhost.com). It took only minutes to sign-up online, and Debian was installed within 15 minutes. So, from the Singapore server, I pinged our US servers. True enough, I got good response times! Ping took about 200 ms. Compare that with 400 ms using my home or office Streamyx connection.

Next, I set up an OpenVPN server on the Singapore server, and configured it so that it would route all client traffic through the VPN. It’s pretty much the default configuration, with these additional configurations, as detailed here.

It would act as a gateway for all VPN clients (push “redirect-gateway”)

It should push the DNS address that the Singapore server uses (push “dhcp-option DNS x.x.x.x”).

I turned on IP Forwarding on Debian.

I configured the iptables to run NAT on vpn traffic:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

iptables -t nat -L -n will show the result

Next, I installed OpenVPN-GUI on my Vista laptop. To make it work, I had to do these additional steps:

Set the bin\openvin.exe to run as administrator (right-click -> Properties -> Compatability tab -> set run as administrator)

Added these two lines to the end of the client.ovpn file

route-method exe

route-delay 2

Set up Windows Firewall so that it does not firewall the Windows TAP virtual adapter. To do this, I first checked to see which is the Windows TAP virtual adapter by opening Device Manager, under Network Adapters. Then run ipconfig /all in a command prompt window to find out which network connection uses the TAP device. Finally, in Windows Firewall -> Advanced tab, I looked for the network connection corresponding to the TAP virtual adapter, and unchecked it.

It took a little bit of debugging to get everything going. Once it did, I set about testing.

Initial results were not mind-blowing. Using speedtest.net, I got these results.

Without VPN

With VPN

Ping

Generally above 350.

Can be above 320 sometimes.

Generally below 350.

Transfer of a 1.5MB file via WinSCP

1min 17s.

1min 23s.

SpeedTest.net (to Seattle, US)

Download/Upload/Ping

Try 1: 700/350/372

Try 2: 652/343/372

Upload/Upload/Ping

Try 1: 499/548/319

Try 2: 548/827/328

So it would appear that with VPN via Singapore, ping times improve more than 10%, upload speeds improve by 100%, but download speeds get worse by about 20%.

However, in practice, I find the VPN solution to be an excellent backup for those frequent times where Streamyx just chokes. For example, just today my staff tried to download a 6MB file, and after 10 minutes it appeared it would still take another 50 minutes over Streamyx (groan). I whipped up my VPN connection, and the file downloaded in less than 5 minutes. We can all agree that’s an appreciable improvement.

As another example, there are some sites which simply die when trying to load over Streamyx. One example is www.visiblebody.com whose servers are located in Massachusetts, It’s an awesome site that allows you to explore the human body in 3D (for free!). For an amateur anatomist like I am, it’s truly a gift. However, with Streamyx I simply could not load the entire 3D model, despite trying more than 10 times. But with the VPN solution, I got the model downloaded and ready for exploration in less than 15 minutes (it’s a BIG model).

Now, this solution is not cheap. I elected for the VPS package which allows for 150GB of monthly transfer for USD30/month. But for those who are desperate for a faster and more consistent link to the US, and only have Streamyx as a viable option, than the USD30/month is absolutely worth it.

Last note: I understand HTTP proxy can also be a viable solution, but for me I wanted a complete TCP/IP solution because I use other protocols like WinSCP, CVS, etc.